From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
To: <dev@dpdk.org>
Cc: <anoobj@marvell.com>, Akhil Goyal <gakhil@marvell.com>,
Fan Zhang <fanzhang.oss@gmail.com>, Kai Ji <kai.ji@intel.com>,
Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>,
Ciara Power <ciara.power@intel.com>,
Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Subject: [PATCH v3 3/7] cryptodev: use generic EC xform params for SM2
Date: Thu, 28 Sep 2023 22:39:16 +0530 [thread overview]
Message-ID: <20230928170920.1454-4-gmuthukrishn@marvell.com> (raw)
In-Reply-To: <20230928170920.1454-1-gmuthukrishn@marvell.com>
SM2 curve could use generic EC xform as it is yet another EC.
This would also require SM2 curve ID enumerated
along with other curves, as listed in:
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
---
app/test/test_cryptodev_asym.c | 40 ++++++++++++--------
app/test/test_cryptodev_sm2_test_vectors.h | 4 +-
doc/guides/rel_notes/release_23_11.rst | 2 +
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 3 --
lib/cryptodev/rte_crypto_asym.h | 19 +++-------
5 files changed, 34 insertions(+), 34 deletions(-)
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 61f65823df..95fef9b42a 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -1846,10 +1846,7 @@ _test_sm2_sign(bool rnd_secret)
/* Setup asym xform */
xform.next = NULL;
xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
- if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
- xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
- else
- xform.sm2.hash = RTE_CRYPTO_AUTH_NULL;
+ xform.ec.curve_id = input_params.curve;
ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
if (ret < 0) {
@@ -1867,6 +1864,11 @@ _test_sm2_sign(bool rnd_secret)
/* Populate op with operational details */
asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_SIGN;
+ if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
+ asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3;
+ else
+ asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL;
+
asym_op->sm2.message.data = input_params.message.data;
asym_op->sm2.message.length = input_params.message.length;
asym_op->sm2.pkey.data = input_params.pkey.data;
@@ -2038,10 +2040,7 @@ test_sm2_verify(void)
/* Setup asym xform */
xform.next = NULL;
xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
- if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
- xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
- else
- xform.sm2.hash = RTE_CRYPTO_AUTH_NULL;
+ xform.ec.curve_id = input_params.curve;
ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
if (ret < 0) {
@@ -2059,6 +2058,11 @@ test_sm2_verify(void)
/* Populate op with operational details */
asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
+ if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
+ asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3;
+ else
+ asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL;
+
asym_op->sm2.message.data = input_params.message.data;
asym_op->sm2.message.length = input_params.message.length;
asym_op->sm2.pkey.data = input_params.pkey.data;
@@ -2150,10 +2154,7 @@ _test_sm2_enc(bool rnd_secret)
/* Setup asym xform */
xform.next = NULL;
xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
- if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
- xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
- else
- xform.sm2.hash = RTE_CRYPTO_AUTH_NULL;
+ xform.ec.curve_id = input_params.curve;
ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
if (ret < 0) {
@@ -2171,6 +2172,11 @@ _test_sm2_enc(bool rnd_secret)
/* Populate op with operational details */
asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT;
+ if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
+ asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3;
+ else
+ asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL;
+
asym_op->sm2.message.data = input_params.message.data;
asym_op->sm2.message.length = input_params.message.length;
asym_op->sm2.pkey.data = input_params.pkey.data;
@@ -2340,10 +2346,7 @@ test_sm2_dec(void)
/* Setup asym xform */
xform.next = NULL;
xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
- if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
- xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
- else
- xform.sm2.hash = RTE_CRYPTO_AUTH_NULL;
+ xform.ec.curve_id = input_params.curve;
ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
if (ret < 0) {
@@ -2361,6 +2364,11 @@ test_sm2_dec(void)
/* Populate op with operational details */
asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
+ if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
+ asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3;
+ else
+ asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL;
+
asym_op->sm2.cipher.data = input_params.cipher.data;
asym_op->sm2.cipher.length = input_params.cipher.length;
asym_op->sm2.pkey.data = input_params.pkey.data;
diff --git a/app/test/test_cryptodev_sm2_test_vectors.h b/app/test/test_cryptodev_sm2_test_vectors.h
index 7a4ce70c10..3d2dba1359 100644
--- a/app/test/test_cryptodev_sm2_test_vectors.h
+++ b/app/test/test_cryptodev_sm2_test_vectors.h
@@ -17,6 +17,7 @@ struct crypto_testsuite_sm2_params {
rte_crypto_param id;
rte_crypto_param cipher;
rte_crypto_param message;
+ int curve;
};
static uint8_t fp256_pkey[] = {
@@ -123,7 +124,8 @@ struct crypto_testsuite_sm2_params sm2_param_fp256 = {
.cipher = {
.data = fp256_cipher,
.length = sizeof(fp256_cipher),
- }
+ },
+ .curve = RTE_CRYPTO_EC_GROUP_SM2
};
#endif /* __TEST_CRYPTODEV_SM2_TEST_VECTORS_H__ */
diff --git a/doc/guides/rel_notes/release_23_11.rst b/doc/guides/rel_notes/release_23_11.rst
index 9746809a66..e9afae8030 100644
--- a/doc/guides/rel_notes/release_23_11.rst
+++ b/doc/guides/rel_notes/release_23_11.rst
@@ -97,6 +97,8 @@ Removed Items
* kni: Removed the Kernel Network Interface (KNI) library and driver.
+* crypto: Removed SM2 xform parameter in asymmetric xform.
+
API Changes
-----------
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index d5dc365064..6252a36f94 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -1305,9 +1305,6 @@ static int openssl_set_asym_session_parameters(
OSSL_PARAM *params = NULL;
int ret = -1;
- if (xform->sm2.hash != RTE_CRYPTO_AUTH_SM3)
- return -1;
-
param_bld = OSSL_PARAM_BLD_new();
if (!param_bld) {
OPENSSL_LOG(ERR, "failed to allocate params\n");
diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
index cbcfe1dc26..4b9d6a9d9f 100644
--- a/lib/cryptodev/rte_crypto_asym.h
+++ b/lib/cryptodev/rte_crypto_asym.h
@@ -69,7 +69,8 @@ enum rte_crypto_curve_id {
RTE_CRYPTO_EC_GROUP_SECP224R1 = 21,
RTE_CRYPTO_EC_GROUP_SECP256R1 = 23,
RTE_CRYPTO_EC_GROUP_SECP384R1 = 24,
- RTE_CRYPTO_EC_GROUP_SECP521R1 = 25
+ RTE_CRYPTO_EC_GROUP_SECP521R1 = 25,
+ RTE_CRYPTO_EC_GROUP_SM2 = 41,
};
/**
@@ -378,16 +379,6 @@ struct rte_crypto_ec_xform {
/**< Pre-defined ec groups */
};
-/**
- * Asymmetric SM2 transform data.
- *
- * Structure describing SM2 xform params.
- */
-struct rte_crypto_sm2_xform {
- enum rte_crypto_auth_algorithm hash;
- /**< Hash algorithm used in SM2 op. */
-};
-
/**
* Operations params for modular operations:
* exponentiation and multiplicative inverse
@@ -644,9 +635,6 @@ struct rte_crypto_asym_xform {
/**< EC xform parameters, used by elliptic curve based
* operations.
*/
-
- struct rte_crypto_sm2_xform sm2;
- /**< SM2 xform parameters */
};
};
@@ -657,6 +645,9 @@ struct rte_crypto_sm2_op_param {
enum rte_crypto_asym_op_type op_type;
/**< Signature generation or verification. */
+ enum rte_crypto_auth_algorithm hash;
+ /**< Hash algorithm used in EC op. */
+
rte_crypto_uint pkey;
/**< Private key for encryption or sign generation. */
--
2.25.1
next prev parent reply other threads:[~2023-09-28 17:09 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-10 9:35 [v1 0/6] cryptodev: support digest message in SM2 Gowrishankar Muthukrishnan
2023-08-10 9:35 ` [v1 1/6] crypto/openssl: include SM2 in asymmetric capabilities Gowrishankar Muthukrishnan
2023-09-26 19:53 ` Kusztal, ArkadiuszX
2023-08-10 9:35 ` [v1 2/6] cryptodev: add RNG capability in EC based xform Gowrishankar Muthukrishnan
2023-09-26 19:53 ` Kusztal, ArkadiuszX
2023-08-10 9:35 ` [v1 3/6] cryptodev: add hash support in asymmetric capability Gowrishankar Muthukrishnan
2023-09-26 20:03 ` Kusztal, ArkadiuszX
2023-09-27 5:55 ` Gowrishankar Muthukrishnan
2023-08-10 9:35 ` [v1 4/6] cryptodev: use generic EC xform params for SM2 Gowrishankar Muthukrishnan
2023-09-26 20:05 ` Kusztal, ArkadiuszX
2023-08-10 9:35 ` [v1 5/6] app/test: check asymmetric capabilities in SM2 test Gowrishankar Muthukrishnan
2023-09-26 20:05 ` Kusztal, ArkadiuszX
2023-08-10 9:35 ` [v1 6/6] crypto/cnxk: add SM2 support Gowrishankar Muthukrishnan
2023-09-14 7:21 ` [v1 0/6] cryptodev: support digest message in SM2 Gowrishankar Muthukrishnan
2023-09-27 11:37 ` [PATCH v2 0/7] " Gowrishankar Muthukrishnan
2023-09-27 11:37 ` [PATCH v2 1/7] crypto/openssl: include SM2 in asymmetric capabilities Gowrishankar Muthukrishnan
2023-09-27 11:37 ` [PATCH v2 2/7] cryptodev: set private and public keys in EC session Gowrishankar Muthukrishnan
2023-09-28 12:44 ` Power, Ciara
2023-09-28 13:12 ` Gowrishankar Muthukrishnan
2023-09-27 11:37 ` [PATCH v2 3/7] cryptodev: add RNG capability in EC based xform Gowrishankar Muthukrishnan
2023-09-27 11:37 ` [PATCH v2 4/7] cryptodev: add hash algorithms in asymmetric capability Gowrishankar Muthukrishnan
2023-09-27 11:37 ` [PATCH v2 5/7] cryptodev: use generic EC xform params for SM2 Gowrishankar Muthukrishnan
2023-09-27 11:37 ` [PATCH v2 6/7] app/test: check asymmetric capabilities in SM2 test Gowrishankar Muthukrishnan
2023-09-27 11:37 ` [PATCH v2 7/7] crypto/cnxk: add SM2 support Gowrishankar Muthukrishnan
2023-09-28 17:09 ` [PATCH v3 0/7] cryptodev: support digest message in SM2 Gowrishankar Muthukrishnan
2023-09-28 17:09 ` [PATCH v3 1/7] crypto/openssl: include SM2 in asymmetric capabilities Gowrishankar Muthukrishnan
2023-09-28 17:09 ` [PATCH v3 2/7] cryptodev: add hash algorithms in asymmetric capability Gowrishankar Muthukrishnan
2023-09-28 17:09 ` Gowrishankar Muthukrishnan [this message]
2023-09-28 17:09 ` [PATCH v3 4/7] cryptodev: set private and public keys in EC session Gowrishankar Muthukrishnan
2023-09-29 12:47 ` Power, Ciara
2023-09-28 17:09 ` [PATCH v3 5/7] cryptodev: add RNG capability in EC based xform Gowrishankar Muthukrishnan
2023-09-28 17:09 ` [PATCH v3 6/7] crypto/cnxk: add SM2 support Gowrishankar Muthukrishnan
2023-09-28 17:09 ` [PATCH v3 7/7] app/test: check asymmetric capabilities in SM2 test Gowrishankar Muthukrishnan
2023-10-09 13:54 ` [PATCH v4 0/7] cryptodev: support digest message in SM2 Gowrishankar Muthukrishnan
2023-10-09 13:54 ` [PATCH v4 1/7] crypto/openssl: include SM2 in asymmetric capabilities Gowrishankar Muthukrishnan
2023-10-09 13:54 ` [PATCH v4 2/7] cryptodev: add hash algorithms in asymmetric capability Gowrishankar Muthukrishnan
2023-10-09 13:54 ` [PATCH v4 3/7] cryptodev: use generic EC xform params for SM2 Gowrishankar Muthukrishnan
2023-10-09 13:54 ` [PATCH v4 4/7] cryptodev: set private and public keys in EC session Gowrishankar Muthukrishnan
2023-10-09 13:54 ` [PATCH v4 5/7] cryptodev: add RNG capability in EC based xform Gowrishankar Muthukrishnan
2023-10-09 13:54 ` [PATCH v4 6/7] crypto/cnxk: add SM2 support Gowrishankar Muthukrishnan
2023-10-09 13:54 ` [PATCH v4 7/7] app/test: check asymmetric capabilities in SM2 test Gowrishankar Muthukrishnan
2023-10-09 19:07 ` [PATCH v4 0/7] cryptodev: support digest message in SM2 Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230928170920.1454-4-gmuthukrishn@marvell.com \
--to=gmuthukrishn@marvell.com \
--cc=anoobj@marvell.com \
--cc=arkadiuszx.kusztal@intel.com \
--cc=ciara.power@intel.com \
--cc=dev@dpdk.org \
--cc=fanzhang.oss@gmail.com \
--cc=gakhil@marvell.com \
--cc=kai.ji@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).